/*     */ package com.zimbra.qa.unittest;
/*     */ 
/*     */ import com.zimbra.client.ZMailbox;
/*     */ import com.zimbra.common.auth.ZAuthToken;
/*     */ import com.zimbra.common.httpclient.HttpClientUtil;
/*     */ import com.zimbra.common.service.ServiceException;
/*     */ import com.zimbra.common.soap.Element;
/*     */ import com.zimbra.common.soap.Element.JSONElement;
/*     */ import com.zimbra.common.soap.Element.XMLElement;
/*     */ import com.zimbra.common.soap.SoapFaultException;
/*     */ import com.zimbra.common.soap.SoapHttpTransport;
/*     */ import com.zimbra.common.soap.SoapProtocol;
/*     */ import com.zimbra.common.soap.SoapTransport;
/*     */ import com.zimbra.common.soap.SoapUtil;
/*     */ import com.zimbra.common.util.Log;
/*     */ import com.zimbra.common.util.ZimbraHttpConnectionManager;
/*     */ import com.zimbra.common.util.ZimbraLog;
/*     */ import com.zimbra.cs.account.Account;
/*     */ import com.zimbra.cs.account.AuthToken;
/*     */ import com.zimbra.cs.account.Provisioning;
/*     */ import com.zimbra.cs.account.Server;
/*     */ import com.zimbra.cs.account.ZimbraAuthToken;
/*     */ import com.zimbra.cs.mailbox.MailItem.Type;
/*     */ import com.zimbra.cs.service.AuthProvider;
/*     */ import com.zimbra.soap.JaxbUtil;
/*     */ import com.zimbra.soap.account.message.AuthRequest;
/*     */ import com.zimbra.soap.account.message.AuthResponse;
/*     */ import com.zimbra.soap.account.message.EndSessionRequest;
/*     */ import com.zimbra.soap.admin.message.CreateAccountRequest;
/*     */ import com.zimbra.soap.mail.message.SearchRequest;
/*     */ import com.zimbra.soap.mail.message.SearchResponse;
/*     */ import com.zimbra.soap.type.AccountBy;
/*     */ import com.zimbra.soap.type.AccountSelector;
/*     */ import com.zimbra.soap.type.SearchHit;
/*     */ import java.io.IOException;
/*     */ import java.net.URI;
/*     */ import java.net.URISyntaxException;
/*     */ import java.util.List;
/*     */ import java.util.Map;
/*     */ import junit.framework.TestCase;
/*     */ import org.apache.commons.httpclient.Cookie;
/*     */ import org.apache.commons.httpclient.HttpClient;
/*     */ import org.apache.commons.httpclient.HttpState;
/*     */ import org.apache.commons.httpclient.methods.GetMethod;
/*     */ import org.apache.commons.httpclient.params.HttpClientParams;
/*     */ import org.junit.Assert;
/*     */ import org.junit.Test;
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ public class TestCookieReuse
/*     */   extends TestCase
/*     */ {
/*  70 */   private static final String NAME_PREFIX = TestUserServlet.class.getSimpleName();
/*     */   private static final String USER_NAME = "user1";
/*     */   
/*  73 */   public TestCookieReuse() { this.currentSupportedAuthVersion = 2; }
/*     */   
/*     */   public void setUp() throws Exception
/*     */   {
/*  77 */     cleanUp();
/*     */     
/*  79 */     ZMailbox mbox = TestUtil.getZMailbox("user1");
/*  80 */     TestUtil.addMessage(mbox, NAME_PREFIX);
/*  81 */     if (TestUtil.accountExists("unauthorized@example.com")) {
/*  82 */       TestUtil.deleteAccount("unauthorized@example.com");
/*     */     }
/*     */   }
/*     */   
/*     */   public void tearDown()
/*     */     throws Exception
/*     */   {
/*  89 */     cleanUp();
/*     */   }
/*     */   
/*     */   private void cleanUp() throws Exception
/*     */   {
/*  94 */     Provisioning.getInstance().getLocalServer().setLowestSupportedAuthVersion(this.currentSupportedAuthVersion);
/*  95 */     TestUtil.deleteTestData("user1", NAME_PREFIX);
/*     */   }
/*     */   
/*     */   public static void main(String[] args) throws Exception
/*     */   {
/* 100 */     TestUtil.cliSetup();
/* 101 */     TestUtil.runTest(TestCookieReuse.class);
/*     */   }
/*     */   
/*     */ 
/*     */   @Test
/*     */   public void testValidCookie()
/*     */     throws ServiceException, IOException
/*     */   {
/* 109 */     ZMailbox mbox = TestUtil.getZMailbox("user1");
/* 110 */     URI uri = mbox.getRestURI("Inbox?fmt=rss");
/*     */     
/* 112 */     HttpClient client = mbox.getHttpClient(uri);
/* 113 */     GetMethod get = new GetMethod(uri.toString());
/* 114 */     int statusCode = HttpClientUtil.executeMethod(client, get);
/* 115 */     assertEquals("This request should succeed. Getting status code " + statusCode, 200, statusCode);
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testValidSessionCookieReuse()
/*     */     throws ServiceException, IOException
/*     */   {
/* 124 */     ZMailbox mbox = TestUtil.getZMailbox("user1");
/* 125 */     URI uri = mbox.getRestURI("Inbox?fmt=rss");
/* 126 */     HttpClient alice = mbox.getHttpClient(uri);
/*     */     
/* 128 */     HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
/* 129 */     Cookie[] cookies = alice.getState().getCookies();
/* 130 */     HttpState state = new HttpState();
/* 131 */     for (int i = 0; i < cookies.length; i++) {
/* 132 */       Cookie cookie = cookies[i];
/* 133 */       state.addCookie(new Cookie(uri.getHost(), cookie.getName(), cookie.getValue(), "/", null, false));
/*     */     }
/* 135 */     eve.setState(state);
/* 136 */     GetMethod get = new GetMethod(uri.toString());
/* 137 */     int statusCode = HttpClientUtil.executeMethod(eve, get);
/* 138 */     assertEquals("This request should succeed. Getting status code " + statusCode, 200, statusCode);
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testAutoEndSession()
/*     */     throws ServiceException, IOException
/*     */   {
/* 147 */     TestUtil.setAccountAttr("user1", "zimbraForceClearCookies", "TRUE");
/* 148 */     ZMailbox mbox = TestUtil.getZMailbox("user1");
/* 149 */     URI uri = mbox.getRestURI("Inbox?fmt=rss");
/* 150 */     HttpClient alice = mbox.getHttpClient(uri);
/*     */     
/*     */ 
/* 153 */     HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
/* 154 */     Cookie[] cookies = alice.getState().getCookies();
/* 155 */     HttpState state = new HttpState();
/* 156 */     for (int i = 0; i < cookies.length; i++) {
/* 157 */       Cookie cookie = cookies[i];
/* 158 */       state.addCookie(new Cookie(uri.getHost(), cookie.getName(), cookie.getValue(), "/", null, false));
/*     */     }
/* 160 */     eve.setState(state);
/* 161 */     Account a = TestUtil.getAccount("user1");
/* 162 */     a.setForceClearCookies(true);
/*     */     
/* 164 */     EndSessionRequest esr = new EndSessionRequest();
/* 165 */     mbox.invokeJaxb(esr);
/* 166 */     GetMethod get = new GetMethod(uri.toString());
/* 167 */     int statusCode = HttpClientUtil.executeMethod(eve, get);
/* 168 */     assertEquals("This request should not succeed. Getting status code " + statusCode, 401, statusCode);
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testForceEndSession()
/*     */     throws ServiceException, IOException
/*     */   {
/* 177 */     TestUtil.setAccountAttr("user1", "zimbraForceClearCookies", "FALSE");
/* 178 */     ZMailbox mbox = TestUtil.getZMailbox("user1");
/* 179 */     URI uri = mbox.getRestURI("Inbox?fmt=rss");
/* 180 */     HttpClient alice = mbox.getHttpClient(uri);
/*     */     
/*     */ 
/* 183 */     HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
/* 184 */     Cookie[] cookies = alice.getState().getCookies();
/* 185 */     HttpState state = new HttpState();
/* 186 */     for (int i = 0; i < cookies.length; i++) {
/* 187 */       Cookie cookie = cookies[i];
/* 188 */       state.addCookie(new Cookie(uri.getHost(), cookie.getName(), cookie.getValue(), "/", null, false));
/*     */     }
/* 190 */     eve.setState(state);
/* 191 */     Account a = TestUtil.getAccount("user1");
/* 192 */     a.setForceClearCookies(false);
/*     */     
/* 194 */     EndSessionRequest esr = new EndSessionRequest();
/* 195 */     esr.setLogOff(true);
/* 196 */     mbox.invokeJaxb(esr);
/* 197 */     GetMethod get = new GetMethod(uri.toString());
/* 198 */     int statusCode = HttpClientUtil.executeMethod(eve, get);
/* 199 */     assertEquals("This request should not succeed. Getting status code " + statusCode, 401, statusCode);
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testInvalidSearchRequest()
/*     */     throws ServiceException, IOException
/*     */   {
/* 208 */     TestUtil.setAccountAttr("user1", "zimbraForceClearCookies", "FALSE");
/* 209 */     ZMailbox mbox = TestUtil.getZMailbox("user1");
/* 210 */     URI uri = mbox.getRestURI("Inbox?fmt=rss");
/* 211 */     mbox.getHttpClient(uri);
/* 212 */     ZAuthToken authT = mbox.getAuthToken();
/*     */     
/*     */ 
/* 215 */     SoapHttpTransport transport = new HttpCookieSoapTransport(TestUtil.getSoapUrl());
/* 216 */     transport.setAuthToken(authT);
/*     */     
/*     */ 
/* 219 */     SearchRequest searchReq = new SearchRequest();
/* 220 */     searchReq.setSearchTypes(MailItem.Type.MESSAGE.toString());
/* 221 */     searchReq.setQuery("in:inbox");
/*     */     
/* 223 */     Element req = JaxbUtil.jaxbToElement(searchReq, SoapProtocol.SoapJS.getFactory());
/* 224 */     Element res = transport.invoke(req);
/* 225 */     SearchResponse searchResp = (SearchResponse)JaxbUtil.elementToJaxb(res);
/* 226 */     List<SearchHit> searchHits = searchResp.getSearchHits();
/* 227 */     assertFalse("this search request should return some conversations", searchHits.isEmpty());
/*     */     
/*     */ 
/*     */ 
/* 231 */     Account a = TestUtil.getAccount("user1");
/* 232 */     a.setForceClearCookies(false);
/* 233 */     EndSessionRequest esr = new EndSessionRequest();
/* 234 */     esr.setLogOff(true);
/* 235 */     mbox.invokeJaxb(esr);
/*     */     
/*     */ 
/* 238 */     transport = new HttpCookieSoapTransport(TestUtil.getSoapUrl());
/* 239 */     transport.setAuthToken(authT);
/* 240 */     searchReq = new SearchRequest();
/* 241 */     searchReq.setSearchTypes(MailItem.Type.MESSAGE.toString());
/* 242 */     searchReq.setQuery("in:inbox");
/*     */     try {
/* 244 */       req = JaxbUtil.jaxbToElement(searchReq, SoapProtocol.SoapJS.getFactory());
/* 245 */       res = transport.invoke(req);
/* 246 */       searchResp = (SearchResponse)JaxbUtil.elementToJaxb(res);
/* 247 */       searchHits = searchResp.getSearchHits();
/* 248 */       assertTrue("this search request should fail", searchHits.isEmpty());
/*     */     } catch (SoapFaultException ex) {
/* 250 */       assertEquals("Should be getting 'auth required' exception", "service.AUTH_EXPIRED", ex.getCode());
/*     */     }
/*     */   }
/*     */   
/*     */ 
/*     */   private static final String UNAUTHORIZED_USER = "unauthorized@example.com";
/*     */   
/*     */   private int currentSupportedAuthVersion;
/*     */   @Test
/*     */   public void testWebLogOut()
/*     */     throws ServiceException, IOException, URISyntaxException, InterruptedException
/*     */   {
/* 262 */     TestUtil.setAccountAttr("user1", "zimbraForceClearCookies", "FALSE");
/* 263 */     ZMailbox mbox = TestUtil.getZMailbox("user1");
/* 264 */     URI uri = mbox.getRestURI("Inbox?fmt=rss");
/* 265 */     HttpClient alice = mbox.getHttpClient(uri);
/*     */     
/*     */ 
/* 268 */     HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
/* 269 */     Cookie[] cookies = alice.getState().getCookies();
/* 270 */     HttpState state = new HttpState();
/* 271 */     for (int i = 0; i < cookies.length; i++) {
/* 272 */       Cookie cookie = cookies[i];
/* 273 */       state.addCookie(new Cookie(uri.getHost(), cookie.getName(), cookie.getValue(), "/", null, false));
/*     */     }
/* 275 */     eve.setState(state);
/* 276 */     Account a = TestUtil.getAccount("user1");
/* 277 */     a.setForceClearCookies(false);
/*     */     
/* 279 */     URI logoutUri = new URI("http://" + uri.getHost() + (uri.getPort() > 80 ? ":" + uri.getPort() : "") + "/?loginOp=logout");
/* 280 */     GetMethod logoutMethod = new GetMethod(logoutUri.toString());
/* 281 */     int statusCode = alice.executeMethod(logoutMethod);
/* 282 */     assertEquals("Log out request should succeed. Getting status code " + statusCode, 200, statusCode);
/* 283 */     GetMethod get = new GetMethod(uri.toString());
/* 284 */     statusCode = HttpClientUtil.executeMethod(eve, get);
/* 285 */     assertEquals("This request should not succeed. Getting status code " + statusCode, 401, statusCode);
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testTokenRegistration()
/*     */     throws Exception
/*     */   {
/* 294 */     Account a = TestUtil.getAccount("user1");
/* 295 */     ZimbraAuthToken at = new ZimbraAuthToken(a);
/* 296 */     Assert.assertTrue("token should be registered", at.isRegistered());
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testTokenDeregistration()
/*     */     throws Exception
/*     */   {
/* 305 */     Account a = TestUtil.getAccount("user1");
/* 306 */     ZimbraAuthToken at = new ZimbraAuthToken(a);
/* 307 */     Assert.assertTrue("token should be registered", at.isRegistered());
/* 308 */     at.deRegister();
/* 309 */     Assert.assertFalse("token should not be registered", at.isRegistered());
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testAdminTokenDeregistration()
/*     */     throws Exception
/*     */   {
/* 318 */     AuthToken at = AuthProvider.getAdminAuthToken();
/* 319 */     Assert.assertTrue("token should be registered", at.isRegistered());
/* 320 */     at.deRegister();
/* 321 */     Assert.assertFalse("token should not be registered", at.isRegistered());
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testTokenExpiredTokenDeregistration()
/*     */     throws Exception
/*     */   {
/* 330 */     Account a = TestUtil.getAccount("user1");
/* 331 */     ZimbraAuthToken at = new ZimbraAuthToken(a, System.currentTimeMillis() - 1000L);
/*     */     
/* 333 */     ZimbraAuthToken at2 = new ZimbraAuthToken(a, System.currentTimeMillis() + 10000L);
/*     */     
/* 335 */     Assert.assertFalse("First token should not be registered", at.isRegistered());
/* 336 */     Assert.assertTrue("Second token should be registered", at2.isRegistered());
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testOldClientSupport()
/*     */     throws Exception
/*     */   {
/* 345 */     Account a = TestUtil.getAccount("user1");
/* 346 */     ZimbraAuthToken at = new ZimbraAuthToken(a, System.currentTimeMillis() - 1000L);
/* 347 */     Assert.assertTrue("token should be registered", at.isRegistered());
/* 348 */     at.deRegister();
/* 349 */     Assert.assertFalse("token should not be registered", at.isRegistered());
/*     */     
/*     */ 
/* 352 */     Provisioning.getInstance().getLocalServer().setLowestSupportedAuthVersion(1);
/* 353 */     Assert.assertTrue("token should appear to be registered", at.isRegistered());
/*     */     
/*     */ 
/* 356 */     Provisioning.getInstance().getLocalServer().setLowestSupportedAuthVersion(2);
/* 357 */     Assert.assertFalse("token should not be registered", at.isRegistered());
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testChangingSupportedAuthVersion()
/*     */     throws Exception
/*     */   {
/* 367 */     Provisioning.getInstance().getLocalServer().setLowestSupportedAuthVersion(2);
/* 368 */     Account a = TestUtil.getAccount("user1");
/* 369 */     String[] tokens = a.getAuthTokens();
/* 370 */     ZimbraAuthToken at1 = new ZimbraAuthToken(a, System.currentTimeMillis() + 10000L);
/* 371 */     String[] tokens2 = a.getAuthTokens();
/* 372 */     assertEquals("should have one more registered token", tokens.length + 1, tokens2.length);
/*     */     
/* 374 */     Provisioning.getInstance().getLocalServer().setLowestSupportedAuthVersion(1);
/* 375 */     ZimbraAuthToken at2 = new ZimbraAuthToken(a, System.currentTimeMillis() + 10000L);
/* 376 */     String[] tokens3 = a.getAuthTokens();
/* 377 */     assertEquals("should have the same number of registered tokens as before", tokens2.length, tokens3.length);
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testClearCookies()
/*     */     throws Exception
/*     */   {
/* 387 */     Account a = TestUtil.getAccount("user1");
/* 388 */     a.setForceClearCookies(true);
/* 389 */     ZimbraAuthToken at = new ZimbraAuthToken(a);
/* 390 */     Assert.assertTrue("token should be registered", at.isRegistered());
/* 391 */     at.deRegister();
/* 392 */     Assert.assertFalse("token should not be registered", at.isRegistered());
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testAuthTokenCleanup()
/*     */     throws Exception
/*     */   {
/* 401 */     Account a = TestUtil.getAccount("user1");
/* 402 */     String[] tokensPre = a.getAuthTokens();
/* 403 */     ZimbraAuthToken at1 = new ZimbraAuthToken(a, System.currentTimeMillis() + 1000L);
/* 404 */     assertFalse("token should not be expired yet", at1.isExpired());
/* 405 */     String[] tokensPost = a.getAuthTokens();
/* 406 */     assertEquals("should have one more authtoken now", tokensPre.length + 1, tokensPost.length);
/* 407 */     Thread.sleep(2000L);
/* 408 */     assertTrue("token should have expired by now", at1.isExpired());
/*     */     
/*     */ 
/* 411 */     ZimbraAuthToken at2 = new ZimbraAuthToken(a, System.currentTimeMillis() + 1000L);
/* 412 */     String[] tokensFinal = a.getAuthTokens();
/* 413 */     assertEquals("should have the same nunber of authtoken now as before", tokensPost.length, tokensFinal.length);
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testLoginClearAuthTokensException()
/*     */     throws Exception
/*     */   {
/* 422 */     Account a = TestUtil.getAccount("user1");
/* 423 */     ZimbraAuthToken at1 = new ZimbraAuthToken(a, System.currentTimeMillis() + 1000L);
/* 424 */     assertFalse("token should not be expired yet", at1.isExpired());
/* 425 */     Thread.sleep(2000L);
/* 426 */     assertTrue("token should have expired by now", at1.isExpired());
/*     */     
/*     */ 
/* 429 */     String[] tokens = a.getAuthTokens();
/* 430 */     for (String tk : tokens) {
/* 431 */       String[] tokenParts = tk.split("\\|");
/* 432 */       if (tokenParts.length > 0) {
/* 433 */         String szExpire = tokenParts[1];
/* 434 */         Long expires = Long.valueOf(Long.parseLong(szExpire));
/* 435 */         if (System.currentTimeMillis() > expires.longValue()) {
/* 436 */           a.removeAuthTokens(tk);
/*     */         }
/*     */       }
/*     */     }
/*     */     
/*     */ 
/* 442 */     SoapHttpTransport transport = new SoapHttpTransport(TestUtil.getSoapUrl());
/* 443 */     AccountSelector acctSel = new AccountSelector(AccountBy.name, a.getName());
/* 444 */     AuthRequest req = new AuthRequest(acctSel, "test123");
/* 445 */     Element resp = transport.invoke(JaxbUtil.jaxbToElement(req, SoapProtocol.SoapJS.getFactory()));
/* 446 */     AuthResponse authResp = (AuthResponse)JaxbUtil.elementToJaxb(resp);
/* 447 */     String newAuthToken = authResp.getAuthToken();
/* 448 */     assertNotNull("should have received a new authtoken", newAuthToken);
/* 449 */     AuthToken at = ZimbraAuthToken.getAuthToken(newAuthToken);
/* 450 */     assertTrue("new auth token should be registered", at.isRegistered());
/* 451 */     assertFalse("new auth token should not be expired yet", at.isExpired());
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   @Test
/*     */   public void testEndSessionNoCleanup()
/*     */     throws Exception
/*     */   {
/* 460 */     Account a = TestUtil.getAccount("user1");
/* 461 */     String[] tokensPre = a.getAuthTokens();
/* 462 */     ZimbraAuthToken at1 = new ZimbraAuthToken(a, System.currentTimeMillis() + 1000L);
/* 463 */     ZimbraAuthToken at2 = new ZimbraAuthToken(a, System.currentTimeMillis() + 100000L);
/* 464 */     assertFalse("First token should not be expired yet", at1.isExpired());
/* 465 */     assertFalse("Second token should not be expired", at2.isExpired());
/*     */     
/* 467 */     String[] tokensPost = a.getAuthTokens();
/* 468 */     assertEquals("should have two more authtoken now", tokensPre.length + 2, tokensPost.length);
/* 469 */     Thread.sleep(2000L);
/* 470 */     assertTrue("First token should have expired by now", at1.isExpired());
/* 471 */     assertFalse("Second token should not have expired by now", at2.isExpired());
/*     */     
/* 473 */     SoapHttpTransport transport = new SoapHttpTransport(TestUtil.getSoapUrl());
/* 474 */     EndSessionRequest esr = new EndSessionRequest();
/* 475 */     transport.setAuthToken(at2.getEncoded());
/* 476 */     transport.invoke(JaxbUtil.jaxbToElement(esr, SoapProtocol.SoapJS.getFactory()));
/* 477 */     String[] tokensFinal = a.getAuthTokens();
/* 478 */     assertEquals("should have one less authtoken after EndSessionRequest", tokensFinal.length, tokensPost.length - 1);
/*     */     
/*     */ 
/* 481 */     AccountSelector acctSel = new AccountSelector(AccountBy.name, a.getName());
/* 482 */     AuthRequest req = new AuthRequest(acctSel, "test123");
/* 483 */     transport.setAuthToken("");
/* 484 */     Element resp = transport.invoke(JaxbUtil.jaxbToElement(req, SoapProtocol.SoapJS.getFactory()));
/* 485 */     AuthResponse authResp = (AuthResponse)JaxbUtil.elementToJaxb(resp);
/* 486 */     String newAuthToken = authResp.getAuthToken();
/* 487 */     assertNotNull("should have received a new authtoken", newAuthToken);
/* 488 */     AuthToken at = ZimbraAuthToken.getAuthToken(newAuthToken);
/* 489 */     assertTrue("new auth token should be registered", at.isRegistered());
/* 490 */     assertFalse("new auth token should ne be expired yet", at.isExpired());
/*     */   }
/*     */   
/*     */ 
/*     */   @Test
/*     */   public static void testGetWithoutAdminCookie()
/*     */     throws Exception
/*     */   {
/* 498 */     int port = 7071;
/*     */     try {
/* 500 */       port = Provisioning.getInstance().getLocalServer().getIntAttr("zimbraAdminPort", 0);
/*     */     } catch (ServiceException e) {
/* 502 */       ZimbraLog.test.error("Unable to get admin SOAP port", e);
/*     */     }
/* 504 */     String getServerConfigURL = "https://localhost:" + port + "/service/collectconfig/?host=" + Provisioning.getInstance().getLocalServer().getName();
/* 505 */     HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
/* 506 */     GetMethod get = new GetMethod(getServerConfigURL);
/* 507 */     int statusCode = HttpClientUtil.executeMethod(eve, get);
/* 508 */     assertEquals("This request should NOT succeed. Getting status code " + statusCode, 401, statusCode);
/*     */   }
/*     */   
/*     */ 
/*     */   @Test
/*     */   public static void testReuseAdminCookieWithoutCsrf()
/*     */     throws Exception
/*     */   {
/* 516 */     AuthToken at = AuthProvider.getAdminAuthToken();
/* 517 */     at.setCsrfTokenEnabled(false);
/* 518 */     int port = 7071;
/*     */     try {
/* 520 */       port = Provisioning.getInstance().getLocalServer().getIntAttr("zimbraAdminPort", 0);
/*     */     } catch (ServiceException e) {
/* 522 */       ZimbraLog.test.error("Unable to get admin SOAP port", e);
/*     */     }
/* 524 */     String host = Provisioning.getInstance().getLocalServer().getName();
/* 525 */     String getServerConfigURL = "https://localhost:" + port + "/service/collectconfig/?host=" + host;
/* 526 */     HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
/* 527 */     HttpState state = new HttpState();
/* 528 */     at.encode(state, true, "localhost");
/* 529 */     eve.setState(state);
/* 530 */     GetMethod get = new GetMethod(getServerConfigURL);
/* 531 */     int statusCode = HttpClientUtil.executeMethod(eve, get);
/* 532 */     assertEquals("This request should succeed. Getting status code " + statusCode, 200, statusCode);
/*     */   }
/*     */   
/*     */ 
/*     */   @Test
/*     */   public static void testReuseUserCookieWithoutCsrf()
/*     */     throws Exception
/*     */   {
/* 540 */     AuthToken at = AuthProvider.getAuthToken(TestUtil.getAccount("user1"));
/* 541 */     ZMailbox mbox = TestUtil.getZMailbox("user1");
/* 542 */     URI uri = mbox.getRestURI("Inbox?fmt=rss&thief=false");
/* 543 */     at.setCsrfTokenEnabled(false);
/* 544 */     GetMethod get = new GetMethod(uri.toString());
/* 545 */     HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
/* 546 */     HttpState state = HttpClientUtil.newHttpState(new ZAuthToken(at.getEncoded()), uri.getHost(), false);
/* 547 */     eve.setState(state);
/* 548 */     eve.getParams().setCookiePolicy("compatibility");
/* 549 */     int statusCode = HttpClientUtil.executeMethod(eve, get);
/* 550 */     assertEquals("This request should succeed. Getting status code " + statusCode + " Response: " + get.getResponseBodyAsString(), 200, statusCode);
/*     */   }
/*     */   
/*     */ 
/*     */   @Test
/*     */   public static void testReuseUserCookieWithCsrf()
/*     */     throws Exception
/*     */   {
/* 558 */     AuthToken at = AuthProvider.getAuthToken(TestUtil.getAccount("user1"));
/* 559 */     ZMailbox mbox = TestUtil.getZMailbox("user1");
/* 560 */     URI uri = mbox.getRestURI("Inbox?fmt=rss&thief=true");
/* 561 */     at.setCsrfTokenEnabled(true);
/* 562 */     GetMethod get = new GetMethod(uri.toString());
/* 563 */     HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
/* 564 */     HttpState state = HttpClientUtil.newHttpState(new ZAuthToken(at.getEncoded()), uri.getHost(), false);
/* 565 */     eve.setState(state);
/* 566 */     eve.getParams().setCookiePolicy("compatibility");
/* 567 */     int statusCode = HttpClientUtil.executeMethod(eve, get);
/* 568 */     assertEquals("This request should succeed. Getting status code " + statusCode + " Response: " + get.getResponseBodyAsString(), 200, statusCode);
/*     */   }
/*     */   
/*     */ 
/*     */   @Test
/*     */   public static void testReuseAdminCookieWithCsrf()
/*     */     throws Exception
/*     */   {
/* 576 */     AuthToken at = AuthProvider.getAdminAuthToken();
/* 577 */     at.setCsrfTokenEnabled(true);
/* 578 */     int port = 7071;
/*     */     try {
/* 580 */       port = Provisioning.getInstance().getLocalServer().getIntAttr("zimbraAdminPort", 0);
/*     */     } catch (ServiceException e) {
/* 582 */       ZimbraLog.test.error("Unable to get admin SOAP port", e);
/*     */     }
/* 584 */     String host = Provisioning.getInstance().getLocalServer().getName();
/* 585 */     String getServerConfigURL = "https://localhost:" + port + "/service/collectconfig/?host=" + host;
/* 586 */     HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
/* 587 */     HttpState state = new HttpState();
/* 588 */     at.encode(state, true, "localhost");
/* 589 */     eve.setState(state);
/* 590 */     GetMethod get = new GetMethod(getServerConfigURL);
/* 591 */     int statusCode = HttpClientUtil.executeMethod(eve, get);
/* 592 */     assertEquals("This request should succeed. Getting status code " + statusCode, 200, statusCode);
/*     */   }
/*     */   
/*     */ 
/*     */   @Test
/*     */   public static void testUnauthorizedAdminPostWithCsrf()
/*     */     throws Exception
/*     */   {
/* 600 */     AuthToken at = AuthProvider.getAdminAuthToken();
/* 601 */     at.setCsrfTokenEnabled(true);
/* 602 */     SoapTransport transport = TestUtil.getAdminSoapTransport();
/* 603 */     transport.setAuthToken(at.getEncoded());
/* 604 */     Map<String, Object> attrs = null;
/* 605 */     CreateAccountRequest request = new CreateAccountRequest("unauthorized@example.com", "test123", attrs);
/*     */     try {
/* 607 */       transport.invoke(JaxbUtil.jaxbToElement(request));
/*     */     } catch (ServiceException e) {
/* 609 */       assertEquals("should be catching AUTH EXPIRED here", "service.AUTH_REQUIRED", e.getCode());
/* 610 */       return;
/*     */     }
/* 612 */     fail("should have caught an exception");
/*     */   }
/*     */   
/*     */ 
/*     */   private class HttpCookieSoapTransport
/*     */     extends SoapHttpTransport
/*     */   {
/*     */     public HttpCookieSoapTransport(String uri)
/*     */     {
/* 621 */       super();
/*     */     }
/*     */     
/*     */ 
/*     */ 
/*     */ 
/*     */     protected final Element generateSoapMessage(Element document, boolean raw, boolean noSession, String requestedAccountId, String changeToken, String tokenType)
/*     */     {
/* 629 */       SoapProtocol proto = getRequestProtocol();
/* 630 */       if (proto == SoapProtocol.SoapJS) {
/* 631 */         if ((document instanceof Element.XMLElement)) {
/* 632 */           proto = SoapProtocol.Soap12;
/*     */         }
/* 634 */       } else if ((document instanceof Element.JSONElement)) {
/* 635 */         proto = SoapProtocol.SoapJS;
/*     */       }
/* 637 */       SoapProtocol responseProto = getResponseProtocol() == null ? proto : getResponseProtocol();
/*     */       
/* 639 */       String targetId = requestedAccountId != null ? requestedAccountId : getTargetAcctId();
/* 640 */       String targetName = targetId == null ? getTargetAcctName() : null;
/*     */       
/* 642 */       Element context = null;
/* 643 */       if (generateContextHeader()) {
/* 644 */         context = SoapUtil.toCtxt(proto, null, null);
/* 645 */         if (noSession) {
/* 646 */           SoapUtil.disableNotificationOnCtxt(context);
/*     */         } else {
/* 648 */           SoapUtil.addSessionToCtxt(context, getAuthToken() == null ? null : getSessionId(), getMaxNotifySeq());
/*     */         }
/* 650 */         SoapUtil.addTargetAccountToCtxt(context, targetId, targetName);
/* 651 */         SoapUtil.addChangeTokenToCtxt(context, changeToken, tokenType);
/* 652 */         SoapUtil.addUserAgentToCtxt(context, getUserAgentName(), getUserAgentVersion());
/* 653 */         if (responseProto != proto) {
/* 654 */           SoapUtil.addResponseProtocolToCtxt(context, responseProto);
/*     */         }
/*     */       }
/*     */       
/* 658 */       Element envelope = proto.soapEnvelope(document, context);
/* 659 */       return envelope;
/*     */     }
/*     */   }
/*     */ }


/* Location:              /home/mint/zimbrastore.jar!/com/zimbra/qa/unittest/TestCookieReuse.class
 * Java compiler version: 7 (51.0)
 * JD-Core Version:       0.7.1
 */